Compliance and Privacy Newletter - 1 November 2005

VeriSign Acquires Retail Solutions, Inc.

VeriSign has announced the acquisition of Retail Solutions, Inc. (RSI), a leading provider of operational point-of-sale (POS) data to the retail industry. At the same time VeriSign also announced an agreement with the World Wide Retail Exchange (WWRE) to deliver POS services through WWRE's global platform, enhancing store-level visibility to thousands of retailers and suppliers worldwide.

Blacklist of 'risky' bank staff

Banks and similar organisations already run reference and background checks on new employees but an extra security measure is needed, according to Bits, a consortium of 100 of the largest US financial institutions. The new database, announced last week, will list information on employees at financial institutions who were fired because they compromised customer data or knowingly caused financial losses, the group said.

New Internet Safety Campaign

With the launch of the Get Safe Online campaign last week as a joint initiative between the U.K. Government, the National Hi-Tech Crime Unit and private sector sponsors the tackling of viruses, malware and similar "net nasties" demands that the government act properly are being made with even greater urgency. Now experts are criticizing the campaign for failing to confront ISPs over the problem of malware.

Business organisations can spend less on security while being more secure - Gartner

Speaking at the annual ITxpo conference in Orlando earlier this week, Gartner analyst Neil MacDonald said organisations needed to focus on processes, rather than products. He recommended either reducing the percentage of revenue spent on security spending; or increasing the amount of protection from established security spending levels.

New study finds fear of identity theft holding back e-commerce

A rapidly growing fear of identity theft and other online fraud is eroding confidence in e-commerce, newly published research has warned, leading to fears that e-commerce growth may soon halt.

The survey, was undertaken in Germany , France , the United Kingdom and the United States by Momentum Research for RSA Security. It shows that, while consumers generally in each of these nations are spending more online, a significant minority is actively reducing its investment.

Compliance and Privacy Newletter - Mid October 2005

IT Security staff are in demand

IT Security staff in demand As more and more companies become concern ed over security threats , this has increased demand for specialists in IT security a nd driven up salaries by over 25 % over the last year in the United Kingdom.

VeriSign Acquires iDefense

VeriSign Inc has acquired security intelligence firm iDefense for $40 million in cash.

iDefense specializes in developing security intelligence about software vulnerabilities and online threats. VeriSign said in a statement that it will use the Reston, Va., company's global network of researchers to improve its managed security services business.

Katrina Donation Scams

Phishing scams seeking to steal donations earmarked for Hurricane Katrina victims may have started a week ago, but security experts expect a spike in this fraudulent activity in the weeks to come. Such scams circulated widely after the devastating December 2004 tsunami in Asia . As such, expert phishers have had plenty of practice to design legitimate looking requests, said experts, and consumers should be cautious when making donations online. These spam e-mails use a common phishing tactic, showing what look like legitimate URLs of reputable organizations, but which link potential donors to bogus sites.

Banks opting for Outsourced Managed Security Services

Eighty-three per cent of the world's largest banks openly admit that their systems were threatened last year by external attackers, according to a 2004 Deloitte Security Study of CIOs and IT security officers representing the world's 100 largest banks. In 2002, the figure stood at only 39 per cent. Not only is the number of attacks increasing, but so too are their intensity: 40 per cent of the banks affected reported that those attacks resulted in financial losses.

U.S. Regulators Delay Basel 2 Requirements

Weekly Threat Report August 01 2005

The Cisco IOS Incident at Black Hat

The Cisco Internetwork Operating System (IOS) issue presented at Black Hat by security researcher Michael Lynn in Las Vegas on July 27 dominated the news this past week.

The Scots Hacker

The case of the so-called "Scots Hacker" has been adjourned until October 18, 2005. Gary McKinnon (aka "Solo"), who was on trial in London for allegedly hacking into numerous US government networks in 2001
- two weeks after the Sept. 11 terrorist attacks - is now free on bail. For now, McKinnon is barred from accessing the Internet.

Amex drops card processor after security breach

American Express has followed Visa in dropping CardSystems Solutions as a credit card payments processor, after the data security scandal that compromised the personal data of 40 million customers. It is the biggest ever single breach of personal data security in US history, with the data on, apparently, around 200,000 customers being stolen.

Indian Call Centre suffers serious security lapse

India's outsourcing companies are
introducing a national screening programme to try and limit the
potential damage caused by revelations this week that offshore
call centre staff stole $350,000 from Citibank customers.